Re: I-D Action: draft-gont-6man-non-stable-iids-00.txt

Lorenzo Colitti <lorenzo@google.com> Tue, 31 May 2016 09:05 UTC

From: Lorenzo Colitti <lorenzo@google.com>
Date: Tue, 31 May 2016 18:05:17 +0900
Message-ID: <CAKD1Yr3dOwH8ESDOc59xnv6uqP50FXoX-OH4pXMCuSM0DMe8qg@mail.gmail.com>
Subject: Re: I-D Action: draft-gont-6man-non-stable-iids-00.txt
To: Ole Troan <otroan@employees.org>
Archived-At: <http://mailarchive.ietf.org/arch/msg/ipv6/7YIZlUDKtmAsDaNrKbV-YanRRrw>
Cc: 6man WG <ipv6@ietf.org>

On Tue, May 31, 2016 at 5:36 PM, <otroan@employees.org> wrote:

> > Your statement does not mean much unless you define "public". The
> > difference between RFC 4941 addresses and other addresses is not are that
> > RFC 4941 addresses are not persistent.
>
> IPv6 addresses are not persistent. they are all ephemeral. it is just a
> matter of the lifetime.
>

Right, but there are many orders of magnitude differences between EUI-64
(~= life of the device) and RFC4941 (1 day).


> a public address is one registered in DNS or some other external registry.
> I would argue that the address you use to reach facebook (and thereby
> couple address and identity) you have made that address a public address.
>

I don't think it's the same. The DNS comes with no expectation of privacy.
If you use an address to talk to Facebook, it's not public in that people
cannot look it up. Facebook knows it, just like everyone else whom you
choose to talk to knows the address you used to talk to them. Your ISP
might know it. The NSA might know it. But again, what's the threat model?
Facebook telling someone else what address you used? For what purpose, and
what would happen if it did?


> I think a "this prefix is dedicated to you" flag in the RA would be useful.
>
> that would likely require a change to the subnet model.
>

Really? How is it different from, say, 127.0.0.0/8, or the delegated subnet
on a CPE router?


> > That's NOT RECOMMENDED by draft-ietf-v6ops-host-addr-availability.
>
> it doesn't really matter if that draft says that. in reality there is a
> limit. an address can either fail silently (possibly with an ICMP) or
> explicitly.
>

I think failing silently is better.